Recently, when my partner logged on a recently created CentOS server hosted at Digital Ocean, he saw the following messages:

Last failed login: Tue Jul 29 16:27:31 EDT 2014 from stuff2share.net on ssh:notty There were 20 failed login attempts since the last successful login

Clearly that wasn't us trying to log in. Obviously, there was some malicious user(s) likely trying to enter our server with brute-force attacks. We were under a ssh brute force attack. Such malicious scan is not uncommon these days. It came just a couple days after our new server was up.